Globalization has changed the structure and pace of corporate life; the saturation of traditional markets is taking companies to more risky places; the shift towards a knowledge economy is eroding the importance of ‘place’ in the business world; new business practices such as off shoring challenge companies to manage at a distance; and new forms of accountability, such as corporate governance and corporate social responsibility, put added pressure on companies to match their words with deeds, wherever they are operating.
At the same time, security risks have become more complex, too. Many of the threats, such as terrorism, organised crime and information security, are asymmetric and networked, making them more difficult to manage. There is also greater appreciation of the interdependence between a company’s risk portfolio and the way it does business: certain types of behaviour can enhance or undermine an organisation’s ‘licence to operate’, and in some cases this can generate risks that would not otherwise exist. As a result, security has a higher profile in the corporate world today than it did five years ago. Companies are looking for new ways to manage these risks and the portfolio of the security department has widened to include shared responsibility for things such as reputation, corporate governance and regulation, corporate social responsibility and information assurance.